OAuth Integration

Registered partner applications are entitled to access Lightroom customer content with a user access token generated through a standard OAuth workflow provided by the Adobe Identity Management System (IMS).

Note: Following best security practices, user access tokens or refresh tokens must be stored in any backend service in a secure format with encryption at rest.

The OAuth workflow is described in detail in the Adobe IMS Authentication and Authorization documentation. It requires an API key and client secret obtained by Creating an Integration.

Partner applications must include the lr_partner_apis and lr_partner_rendition_apis scope (along with the standard openid and AdobeID scopes) to access the Lightroom Services.

To allow renew of refresh token, additional setup is needed on the API key. Should your application require this capability, you must contact Adobe and describe your needs.

Authentication Sample Code

Adobe I/O provides two OAuth samples on GitHub for the authentication workflow, one in Node.js and one in Python.

To run the Node.js sample, replace the creative_sdk scope in server/index.js with lr_partner_apis,lr_partner_rendition_apis and follow the instructions in the ReadMe to run the application.
To run the Python example, replace the creative_sdk scope in adobe-oauth2.0.py with lr_partner_apis,lr_partner_rendition_apis and follow the instructions in the ReadMe to run the application.

Authorization through the Adobe Identify Management System is working as expected if a user is able to successfully log in and view their profile information.